News for Greenkeeper: pnpm, Yarn Workspaces, License Change Alerts and more posted Tuesday, June 25, 2019 by liv

In the months since we've last published new features for Greenkeeper, we have been working on making our service more robust and secure, as well as adding some functionality that you might be interested in. Read on for the changelog!

Lockfile Support for Yarn Workspaces

For those of you that use Yarn Workspaces, we have good news: Greenkeeper now supports workspaces, without any additional configuration! It will automatically update every workspace as defined in your top-level package.json file. This works with both of the following layouts:

  "private": true,
  "workspaces": ["packages/*", "docs"]

// or

  "private": true,
  "workspaces": {
    "packages": ["packages/*", "docs"]

This works even if you're using Yarn Workspaces with Lerna.

PNPM Lockfile Updates

Greenkeeper now updates pnpm lockfiles (the pnpm-lock.yaml file)!

Greenkeeper shows license changes

If a license of a dependency you use suddenly changes from one version to another, it could lead to legal problems in certain circumstances if you simply update it without a second thought. Greenkeeper now points out if a license has changed from one version to another:

Screenshot illustrating the way Greenkeeper lets you know if a dependency's license has changed

Greenkeeper shows package publishers

In a similar vein, Greenkeeper will now show you who has published an update of the specified dependency. This makes it easy to verify if the author is trusted, which helps you to not accidentally install malicious updates to your project.

We hope that you enjoy these updates!